nimrodpar / Obfvious
☆14Updated 4 years ago
Alternatives and similar repositories for Obfvious:
Users that are interested in Obfvious are comparing it to the libraries listed below
- Windbg extension that allows you analyze Control Flow Guard map☆34Updated 3 years ago
- .lib file for linking against the NT CRT☆18Updated 2 years ago
- hooking KiUserApcDispatcher☆24Updated 7 years ago
- Code Integrity Violation Spotter☆16Updated 9 months ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆15Updated last year
- Using Undocumented NTDLL Functions to Read/Write/Delete File☆18Updated 4 years ago
- Windows Broken Stack Guard Page☆11Updated 2 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 7 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16Updated 2 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Shellcode injection using debugging APIs☆19Updated 11 years ago
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆24Updated last year
- A dark x64dbg color theme based on IDA Consonance☆19Updated 6 years ago
- ☆21Updated 3 years ago
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process☆17Updated 2 years ago
- Static library and headers for linking your software with ntdll.dll☆32Updated 5 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 7 years ago
- Dynamic Taint Analysis versus Obfuscated Self-Checking☆16Updated 3 years ago
- Kernel Shellcode to add all privileges in token☆13Updated 8 years ago
- RET / JMP RBX call spoofer☆9Updated 5 years ago
- ☆16Updated 5 years ago
- ☆19Updated 9 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- A benign application used to demonstrate an EDR detection. This version is procedural (i.e., not object-oriented).☆1Updated 2 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Updated last year
- ☆13Updated 3 years ago
- Extract data of TTD trace file to a minidump☆28Updated last year
- Data and structures regarding the research done on WdFilter☆12Updated 4 years ago
- Native file compressor using only the ntdll.dll☆9Updated 6 years ago